barmar at alum.mit.edu
Wed Apr 4 22:01:11 UTC 2012
In article <mailman.432.1333575051.63724.bind-users at lists.isc.org>,
Keith Burgoyne <keith at silverorange.com> wrote:
> DNS. ns1.silverorange.com is split into two separate views: internal and
> external. Obviously, internal handles all local hostnames and allows for
> recursive look ups to local clients. External blocks recursive lookups
> for all domains not hosted by us.
> By enabling "querylog yes;" in named.conf, I could see that lame errors
> appear to be generated only by requests for domains we host that live in
> the external view, made from the internal side. For example:
> Apr 4 17:55:24 clementine named: client 192.168.0.254#34358:
> view internal: query: silverorange.com IN A -EDC (192.168.0.12)
> Apr 4 17:55:24 clementine named: lame server resolving
> 'silverorange.com' (in 'silverorange.com'?): 188.8.131.52#53
> Why would using the internal view cause a lame error?
Do you have a copy of all your hosted zones in the internal view? If
not, when an internal client makes a query, the server will have to
recurse. It will query itself, but my guess is that its own address is
also in the internal view, so it won't be able to answer
authoritatively, and thus will appear to be lame.
More information about the bind-users